AWS Certified Security – Specialty ( Security Engineering on AWS )
Total Question for this course: 20

Total Questions − 20 Select The Correct Answer(s)
Question: You are working in the IT security team in a big company. In order to perform security checks in AWS services, you have written dozens of custom AWS Config rules. One of them is to check if the S3 bucket policy contains certain explicit denies. This particular Config rule is supposed to be applied for all S3 buckets. Your manager has asked you how to trigger the custom Config rule. Which answers are correct? (Select TWO.)
It can be triggered through a cron job such as every 5 minutes.
Custom Config rules can only be triggered manually through AWS Config console or CLI command.
It can be triggered whenever there is a configuration change for a S3 bucket.
The custom Config rule can be triggered periodically such as every hour.